Saturday, October 5, 2013

STA-AP: WPA-PSK Connection Establishment (Sequence Diagram)



Summary

  • Probe response and beacon frames include the WPA IE (AP WPA capabilities)
  • Association request from STA includes the WPA IE (STA WPA capablities)
  • IEs in EAPOL messages and corresponding probe/beacon/assoc messages should match
  • WPA Pairwise Key (TKIP) is dervied from the following
    • STA MAC address
    • AP MAC address
    • PMK (Pairwise Master Key) (PMK = PSK (256 bits))
    • Authenticator (AP) Nonce (A random value genearted by AP)
    • Supplicant (STA) Nonce (A random value generated by STA)
  • Pairwise key consists of 
    • EAPOL KEK (128 bits)
    • EAPOL KCK (128 bits)
    • TKIP TK (128 bits)
    • TKIP MIC Key (128 bits)
  • WPA does not use KEK to encrypt the keys (Q:What is the purpose of KEK in TKIP?)
  • KCK is used for integrity protection of EAPOL messages
  • Group key messages are encrypted using TKIP TK
  • Group key consists of
    • Group Temporal Key (128 bits)
    • Group MIC (128 bits)
  • Group key may be periodically updated by the AP
  • Air-traces used to generate this diagram can be downloaded from here 

13 comments:

  1. This is apply to client server architecture right? From what diagram software you draw this sequence diagram ? If it is a platform independent software please specify.

    ReplyDelete
    Replies
    1. This applies to Infrastructure mode (See http://wireless.kernel.org/en/users/Documentation/modes).
      I generate the diagrams using https://www.websequencediagrams.com/.

      Delete
  2. Nice Post Keep Posting like this on regular basis.Hack Wifi Password

    ReplyDelete
  3. Very amazing and informative post.
    i am very glad to have such posts please keep sharing
    canon printer support

    ReplyDelete
  4. Amazing post want to see more post like this in future also it helps in mortivate ourselves please keep sharing.lexmarkprinter support

    ReplyDelete
  5. Very amazing and informative post.i am very glad to have such posts please keep sharing
    fantastic post very beneficial please keep sharing.
    hp printer support

    ReplyDelete
  6. Mindblowing post amazing hope for more in future please keep sharing
    canon printer support

    ReplyDelete
  7. Mindblowing fantastic post amazing please keep sharing.brother printer support

    ReplyDelete
  8. Fantastic job please keep sharing because the post is very hwlpful and inspirational so carry on.lexmark printer support

    ReplyDelete
  9. Nice Post. I like your blog. Thanks for Sharing.
    WiFi Speed Test

    ReplyDelete
  10. marvellous post i am eagerly waiting for your posts because your posts are very amazing please keep sharing in future.canon printer support

    ReplyDelete
  11. Awesome publish very informative and really helpful .Please keep sharing i need to peer such posts in future also.epson printer support

    ReplyDelete
  12. Nice post!! Thanks for sharing. Happy to read your Blog. If you want to know about Google Wifi Help you can visit here.

    ReplyDelete